Tuesday, May 3, 2011

Unable to ssldump a Real SPDY Session

Last night, I got NPN enabled SPDY working in a VM—thanks to Carson McDonald's work. I am still not quite sure how I see this fitting into a development environment, but I would like to verify that I can sniff SSL/SPDY packets.

So I start my VM back up, with port forwarding on port 10000.

As I did the other night, I use last night's custom installed openssl to generate some server SSL keys:

I sudo apt-get install ssldump inside the VM, but get similar results. I suspect that this might be caused by using a key generated from a different version of openssl. To verify this suspicion, I download the latest version of the ssldump source code into my VM and install it into my local directory:

Sigh. I really do not understand why the application_data does not include the actually decrypted packets. I have the private key and an ssldump compiled against the same openssl that is being used by the eventmachine server. That should work.

Frustrated, I call it a night at this point. SSL sniffing is a nice-to-have, but with the SPDY inspector in chrome://net-internals, not desperately needed. So unless inspiration strikes, I will likely move on tomorrow.